<?php

/**
 * Albireo Kernel
 *
 * @copyright  Copyright (c) 2010 Albireo Solutions
 * @package    Kernel
 */

namespace KernelModule;

use Nette\Environment;
use Nette\Forms\Form;
use Nette\Security\AuthenticationException;
use Albireo\Forms\AlbireoForm;
use Albireo\Mode;
use GettextExtractor\Translator;
use Celebrio\AccessControl\AclConstants;

/**
 * Sign In Page presenter.
 *
 * @author     Albireo Solutions
 * @package    Kernel
 */
class SignInPresenter extends BasePresenter {

    public function beforeRender() {
        // Sign In pages can't be cached (recommended by ISO/IEC 27002)
        Environment::getHttpResponse()->setHeader("Cache-Control", "no-cache");
        parent::beforeRender();
    }

    /**
     * Render default action
     */
    public function renderDefault() {
        $this->template->title = _("Sign In");
    }

    public function renderDesktop() {
        $this->template->title = _("Sign In");
    }

    public function actionDefault() {
        if ($this->getUser()->isLoggedIn()) {
            $this->getTemplate()->loggedIn = true;
            $this->getTemplate()->canGoToKernel = false;
            try {
                $this->getTemplate()->canGoToKernel = $this->getUser()->isAllowed("Kernel:Overview", "default");
            } catch(\InvalidStateException $e) {
                // it seems he can't go to kernel for some reason (db unavailibility...)
            }
        } else {
            $this->getTemplate()->loggedIn = false;
        }
    }

    public function actionDesktop() {
        if ($this->getUser()->isLoggedIn()) {
            $this->redirect(':Webtop:Default:default');
        }
    }

    private function generateForm() {
        $form = new AlbireoForm();

        // Cross-Site Request Forgery (CSRF) form protection
        // TODO: otestovat proc se ta chyba vzdycky vyhodi
        // $form->addProtection('Security token did not match. Possible CSRF attack.', 3);

        $form->addText('username', _('Username:'))
                ->addRule(Form::FILLED, _('Please provide a username.'))
        ->controlPrototype->autocomplete("off"); // user can't save username in his browser (recommended by ISO/IEC 27002)
        $form->addPassword('password', _('Password:'))
                ->addRule(Form::FILLED, _('Please provide a password.'))
        ->controlPrototype->autocomplete("off"); // user can't save password in his browser (recommended by ISO/IEC 27002)
        $form->addSubmit('login', _('Sign in'));

        $form->onSubmit[] = callback($this, 'loginFormSubmitted');
        return $form;
    }

    /**
     * Sign in form.
     * @return mixed (form)
     */
    protected function createComponentSignInForm() {
        $form = $this->generateForm();
        $form->addHidden('redirect', ':Kernel:Overview:default');
        return $form;
    }

    protected function createComponentSignInDeskForm() {
        $form = $this->generateForm();
        $form->addHidden('redirect', ':Webtop:Default:default');
        return $form;
    }

    /**
     * Logs in user, authenticate and authorize, then redirects
     */
    public function loginFormSubmitted($form) {
        $user = $this->getUser();
        //$user->setExpiration('+ 15 minutes', TRUE);
        $user->setExpiration('+ 120 minutes', TRUE);
        try {
            $sm = new SignModel();
            $sm->signIn($user, $form->values);
        } catch (AuthenticationException $e) {
            $form->addError($e->getMessage());
        }
    }

}